On Mon, Jul 29, 2013 at 3:31 PM, Ryan Lane <rlane32(a)gmail.com> wrote:
Well, you can either be vulnerable to BEAST or to the
less practical attack
against RC4. TLS 1.1/1.2 clients should choose the strongest cipher, while
SSL3/TLS1 clients are sent a preferred server list, specifying RC4 first.
See: <http://wiki.nginx.org/HttpSslModule#ssl_prefer_server_ciphers>.
Shows how much I know. Didn't realize we use nginx for our TLS servers.
Ignore what I said.
*-- *
*Tyler Romeo*
Stevens Institute of Technology, Class of 2016
Major in Computer Science
www.whizkidztech.com | tylerromeo(a)gmail.com